Create Policy

We'll start this by going to the AWS console. We will go to IAM.

We want to make a new policy, so click on Policies.

We'll click on the Get Started button.

Then we'll click on the Create Policy button.

And we will create our own policy.

We'll set the policy name to be cloud-billing.

Then we will set the description to be Allow cloud-billing service to run.

We will set the policy document now:

{
    "Version": "2012-10-17",
    "Statement":[
        {
            "Effect": "Allow",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::billing-example/*"
        },
        {
            "Effect": "Allow",
            "Action": "s3:ListBucket",
            "Resource": "arn:aws:s3:::billing-example"
        },
        {
            "Effect": "Allow",
            "Action": "dynamodb:*",
            "Resource": "arn:aws:dynamodb:us-east-1:123456789012:table/dowdandassociatesCloudCostManagementConfiguration"
        }
    ]
}

The following values need to be replaced:

| Text | Replacement |
| --- | --- |
| billing-example | Name of the S3 bucket we set up in Prerequisite: Sign up for Programmatic Billing Access. |
| 123456789012 | Your AWS account number (without the dashes). |
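The two replacements can be scripted so the policy you paste into the console never carries the sample values. This is an added example, not part of the original walkthrough; the function names render_policy and review and the sample bucket and account values are assumptions made for illustration.

```python
import json
import re

# Region and table name are taken from the policy document above.
REGION = "us-east-1"
TABLE = "dowdandassociatesCloudCostManagementConfiguration"
PLACEHOLDERS = ("billing-example", "123456789012")  # sample values from the page


def render_policy(bucket, account):
    """Return the cloud-billing policy with both placeholders replaced."""
    account = account.replace("-", "").strip()  # accept 1234-5678-9012 as well
    if not re.fullmatch(r"\d{12}", account):
        raise ValueError("AWS account number must be 12 digits")
    # Basic S3 name check: 3-63 chars of a-z, 0-9, '.', '-', alphanumeric at both ends.
    if not re.fullmatch(r"[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]", bucket):
        raise ValueError("not a valid S3 bucket name")
    table_arn = f"arn:aws:dynamodb:{REGION}:{account}:table/{TABLE}"
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": "s3:GetObject",
             "Resource": f"arn:aws:s3:::{bucket}/*"},
            {"Effect": "Allow", "Action": "s3:ListBucket",
             "Resource": f"arn:aws:s3:::{bucket}"},
            {"Effect": "Allow", "Action": "dynamodb:*", "Resource": table_arn},
        ],
    }


def review(policy):
    """List leftover sample values and wildcard actions, statement by statement."""
    findings = []
    for i, stmt in enumerate(policy["Statement"]):
        for value in PLACEHOLDERS:
            if value in stmt["Resource"]:
                findings.append(f"statement {i}: placeholder {value} not replaced")
        if stmt["Action"].endswith("*"):
            findings.append(f"statement {i}: wildcard action {stmt['Action']}")
    return findings


if __name__ == "__main__":
    # Constructed sample inputs, not real resources.
    policy = render_policy("acme-billing-reports", "1111-2222-3333")
    print(json.dumps(policy, indent=4))
    print(review(policy))
```

The review step reports dynamodb:* because it allows every DynamoDB action on the table; if you know which operations the service uses, list those actions instead.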

Getting your account number

If you don't know your AWS account number, you can find it by going to the AWS homepage http://aws.amazon.com/.

Go to My Account.

You can then find it on the top of the page, in the marked spot.

Continuing with policy

Press the Validate Policy button to check the policy.

If the policy is valid, a message will appear to say so.

Then we'll press the Create Policy button.

And now the policy is created.

Create Role

Next up is to create the IAM role. So click on Roles on the left-hand side.

We'll click on the Create New Role button.

We'll set the role name to be cloud-billing.

Then click on the Next Step button.

And we will create an Amazon EC2 service role.

Then we search for the cloud-billing policy.

Select the cloud-billing policy.

Then click the Next Step button.

Review the role then click Create Role.

The IAM role is set up and ready to go.
